@Pavan Arshewar wrote:
If you have a condition in the enforcement policy to update a new associating device as known, then it should update the device as known in the Endpoint repository.
We have this, and all of my testing shows that it works.
However, occasionally I'll see devices that have hit the service which are not marked known.
For example, I was tracking one device by host MAC address in Access Tracker. I saw it authenticate successfully against one service and get marked known in the Output tab. Then a few days later, that same device fails to authenticate against the new service because it is not marked known.
To clarify - Service 1 is just 802.1X user credentials and marks successful auths as known. Service 2 requires a known device with user credentials. It works for almost all devices; I just occasionally see the issue where a device should have been marked as known, but it's not.
I'm trying to figure out if it's a bug or if there is some other mechanism within ClearPass that will unmark the Known flag. Perhaps a Reject or something is making Known devices Unknown?
We have clean-up intervals of 60 days for Known devices, but the time between successful auth and failed auth for being unknown is only a couple of days.